From b09f6f386a15ec001ad17bdee741d6f17f9c29a4 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Sun, 8 Dec 2002 17:04:23 +0000 Subject: [PATCH] Define some macros for accessing shorts and ints in an endian independent manner. Start processing the header and etc. Make sure it compiles on Linux, and runs on Linux for the code that is there. Will try FreeBSD soon, and maybe Slowaris. (This used to be commit ee998438618c088d04ddfed05a9ba2d65f36e4ac) --- source3/utils/editreg.c | 65 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 46 insertions(+), 19 deletions(-) diff --git a/source3/utils/editreg.c b/source3/utils/editreg.c index 96763851051..cf2fb6a0745 100644 --- a/source3/utils/editreg.c +++ b/source3/utils/editreg.c @@ -458,7 +458,12 @@ typedef struct sk_map_s { #define REGF_REGTYPE_NONE 0 #define REGF_REGTYPE_NT 1 #define REGF_REGTYPE_W9X 2 - + +#define TTTONTTIME(r, t1, t2) (r)->last_mod_time.low = (t1); \ + (r)->last_mod_time.high = (t2); + +#define REGF_HDR_BLKSIZ 0x1000 + typedef struct regf_struct_s { int reg_type; char *regfile_name, *outfile_name; @@ -466,6 +471,7 @@ typedef struct regf_struct_s { struct stat sbuf; char *base; int modified; + NTTIME last_mod_time; REG_KEY *root; /* Root of the tree for this file */ int sk_count, sk_map_size; SK_MAP **sk_map; @@ -475,6 +481,16 @@ typedef struct regf_struct_s { * Structures for dealing with the on-disk format of the registry */ +#define IVAL(buf) ((unsigned int) \ + (unsigned int)*((unsigned char *)(buf)+3)<<24| \ + (unsigned int)*((unsigned char *)(buf)+2)<<16| \ + (unsigned int)*((unsigned char *)(buf)+1)<<8| \ + (unsigned int)*((unsigned char *)(buf)+0)) + +#define SVAL(buf) ((unsigned short) \ + (unsigned short)*((unsigned char *)(buf)+1)<<8| \ + (unsigned short)*((unsigned char *)(buf)+0)) + typedef unsigned int DWORD; typedef unsigned short WORD; @@ -586,8 +602,8 @@ typedef struct vk_struct { #define REG_TYPE_DWORD 4 #define REG_TYPE_MULTISZ 7 -#define OFF(f) ((f) + 0x1000 + 4) -#define LOCN(f) (base + OFF(f)) +#define OFF(f) ((f) + REGF_HDR_BLKSIZ + 4) +#define LOCN(base, f) ((base) + OFF(f)) int nt_set_regf_input_file(REGF *regf, char *filename) { @@ -632,25 +648,25 @@ int nt_free_regf(REGF *regf) } -/* Get the header of the registry - If the mmap'd area has not been allocated, then mmap the input file -*/ -int nt_get_regf_hdr(REGF *regf) +/* Get the header of the registry. Return a pointer to the structure + * If the mmap'd area has not been allocated, then mmap the input file + */ +REGF_HDR *nt_get_regf_hdr(REGF *regf) { if (!regf) - return -1; /* What about errors */ + return NULL; /* What about errors */ if (!regf->regfile_name) - return -1; /* What about errors */ + return NULL; /* What about errors */ if (!regf->base) { /* Try to mmap etc the file */ if ((regf->fd = open(regf->regfile_name, O_RDONLY, 0000)) <0) { - return regf->fd; /* What about errors */ + return NULL; /* What about errors? */ } if (fstat(regf->fd, ®f->sbuf) < 0) { - return -1; + return NULL; } regf->base = mmap(0, regf->sbuf.st_size, PROT_READ, MAP_SHARED, regf->fd, 0); @@ -658,7 +674,7 @@ int nt_get_regf_hdr(REGF *regf) if ((int)regf->base == 1) { fprintf(stderr, "Could not mmap file: %s, %s\n", regf->regfile_name, strerror(errno)); - return -1; + return NULL; } } @@ -669,9 +685,7 @@ int nt_get_regf_hdr(REGF *regf) assert(regf->base != NULL); - - - return 1; + return (REGF_HDR *)regf->base; } int nt_get_hbin_hdr(REGF *regf, int hbin_offs) @@ -682,15 +696,28 @@ int nt_get_hbin_hdr(REGF *regf, int hbin_offs) int nt_load_registry(REGF *regf) { - int rc; + REGF_HDR *regf_hdr; + unsigned int regf_id; /* Get the header */ - if ((rc = nt_get_regf_hdr(regf)) < 0) { - return rc; + if ((regf_hdr = nt_get_regf_hdr(regf)) == NULL) { + return -1; } - /* Now what? */ + /* Now process that header and start to read the rest in */ + + if ((regf_id = IVAL(®f_hdr->REGF_ID)) != REG_REGF_ID) { + fprintf(stderr, "Unrecognized NT registry header id: %0X, %s\n", + regf_id, regf->regfile_name); + return -1; + } + + /* Update the last mod date, and then go get the first NK record and on */ + + TTTONTTIME(regf, IVAL(®f_hdr->tim1), IVAL(®f_hdr->tim2)); + + return 1; } -- 2.11.4.GIT